You are here

Blogs

Earlier this month, I attended Catalyst 2019, hosted by Affiliated Monitoring, at the “happiest place on Earth,” where “magic” literally happens moment by moment. With two main goals—education and networking/relationship building—this year’s Catalyst provided a ton of “magical” nuggets that all PERS and mPERS professionals need to know.

Need to Know Data

Daniel Oppenheim, Affiliated Monitoring’s CEO, pumping up the audience with his keynote and survey results from Edmonds Group: in 2017, PERs signed up 1.4 million service customers. This data is significant, because up until then, the PERs industry didn’t have good data revealing the size of this niche industry.

Oppenheim continued on, explaining how professional monitoring protects our 911 system: Of the 3.4 million active PERs customers, 51 percent press their button every month. This results in 1,734,000 professional monitoring interventions per month, saving 166,464 lives per month and preventing 1,567,536 calls to 911 per month. To continue “protecting seniors and giving peace of mind to caregivers,” Oppenheim suggested the need for professional monitoring companies to partner with government entities.

Need to Know Challenges

The top three PERs company challenges are:

1. Telecom changes – The National Center for Health Statistics found 24 percent of those aged 65 and older have do not have a landline phone and within the next five years, VoIP adoption is expected to see a 124 percent growth rate.2. The 4G transition – Carriers say there will be no new 3G Sim activations after THIS summer, with the 3G network forecasted to shut down by February 2022.3. “Self-monitoring” and overcoming customer objections – Educating customers as to why PERs and professional monitoring is needed when there are so many smart devices on the market today, including smart speakers and watches, and emergency alert apps.

• Third-party lead generation (gen) – if you purchase leads, know exactly where the company is getting those leads from; make sure lead gen contracts include “callable leads,” meaning the consumer understood that by providing their information they will be contacted; train your staff on how to make calls lawfully and audit using scrubbers. Shuster also said if you receive a letter threatening to get sued because one of your company representatives called a consumer, do not ignore the letters; be proactive by obtaining legal advice.• Consumer data – if your company has collected sensitive data about consumers and that information isn’t needed, get rid of it.• STIR/SHAKEN – make it a point to understand this new technology standard to ensure calling numbers aren’t spoofed, or the calling telephone number is not altered.

Shuster explained that basically, a trust token is issued from a telephone company, authenticating all the company’s phone numbers. The type of token issued dictates whether your call will get through without harmful labels being placed on it, or even getting blocked.

Need to Know Business Operation Tips

Richard Brooks, president, healthcare division, ConnectAmerica, gave the executive keynote, with business tips interspersed throughout:• Your teams make you successful; make sure each team member knows their jobs and their importance to the overall success of your PERs business.• Build “on-ground” relationships; you have to actually “touch” people so get “feet on the street.”• Your employees are your most important asset because they talk to your customers, sell your products and serve people.• Employees need to understand everything they do can impact a life.• As your PERs business grows, it’s impossible to do everything, so hire a management team to help with leadership.• For small PERs businesses, emphasize you’re the “local PERs provider” because seniors like local.• Local relationships are key for small PERs companies getting bought by larger companies. Know the key local people, interact and establish a good relationship. Brooks also advised keeping great books and records, staying on top of cash receipts.

Attending events is an exciting part of my managing editor role here at Security Systems News, which suites me to a tee because I love learning and then sharing my newfound knowledge with our amazing readers.

With ESX 2019 just a few weeks away, SSN caught up with ESX Chairman George De Marco to talk about the upcoming conference and expo in Indianapolis, June 3-6, his views on the industry and what he thinks are the greatest challenges and opportunities within security today.

SSN: As the Premier Media Sponsor for the ESX Conference again this year, Security Systems News is excited to support and participate in the conference and expo. What are you most looking forward to at this year’s ESX Conference?

De Marco: Every year, I look forward to reconnecting with security professionals from across North American to get insights on their business challenges and near-term opportunities. However, the Indy Experience is top of mind for me. I’m very excited to head to the Indianapolis Motor Speedway for a tour and an opportunity to jump in a pace car for a quick trip around the track, especially just after the Indy 500 takes place at the Brickyard.

SSN: What do you think are the some of the key benefits of attending ESX? What do attendees have to look forward to this year?

De Marco:The key benefits for security professionals are education, networking opportunities, and quality conversations with exhibitors. For education, our peer-developed and peer-delivered content represents some of the best in the industry … it’s an opportunity for security professionals to gain knowledge about the trends, opportunities and challenges in the industry, including learning best practices from industry thought leaders. Our networking opportunities allow security professionals to spend time with their peers and colleagues in informal settings to talk shop and allow for deep conversations on how to solve everyday problems with real solutions. In addition, the exhibit hall is where dealers and integrators will have quality conversations on ways to grow revenues and improve profits.

SSN: You have some exciting keynote speakers this year. Can you talk a bit about each one and what they bring to a show like ESX?

De Marco: Every Main Stage session brings something special to ESX, whether its inspirational, business-focused, or addressing the changing competitive landscape. The OpenXchange begins the Main Stage journey with a drone company founder who has a unique perspective on security as well as an Entrepreneur-in-Residence from Kleiner Perkins, a venture capital firm that specializes in investing in incubation, early stage and growth companies.

The Opening Keynote, Dr. Rick Rigsby, will highlight a profound message about rediscovering what is really important and meaningful for organizations to consider. The General Session centers on a compelling message from Kevin Brown, called the Hero Effect, giving us insights on what it takes to reach beyond what is required and do something remarkable — personally and professionally. And our Closing Keynote focuses on taking security to the next level. A Secret Security agent and a Director of Safety from the motorsports racing company will illustrate a process to change our perspective on how we approach security, especially in the workplace and in schools. In addition, during the Closing Keynote, we will recognize recipients of ESA’s Scholarship and TMA’s Public Safety Award, including SIAC’s PDQ and Moody awards.

SSN What do you think are the top trends — technology and otherwise — impacting, shaping and affecting the industry today?

De Marco:I think the future of interaction with security systems and connected devices is beginning to take effect, from voice-recognition and voice-enabled technologies. As the interaction of voice evolves into a more natural experience for humans with their computer counterparts, the adoption of smart home devices and security-related products will grow within the home, at work, and on the road.

The definition of monitoring is being redefined beyond just dispatching police or fire services. As next-gen monitoring evolves, new services are being developed that provide consumers and businesses with personalized monitoring capabilities for their specific needs, like self-directed and on demand monitoring options and concierge-type services.

SSN: What are some of the most notable challenges — disruptive factors — for security pros today and how will ESX address these and help them to overcome them?

De Marco:I believe false alarms continue to impact the industry, highlighting the need to use technology to find a better method that significantly reduces false dispatches. With the help of video using AI and machine learning capabilities, metadata that brings context to data received from connected sensors and mobile devices and next-gen monitoring processing, the combined methodologies will greatly reduce false dispatches over time.

Labor shortage is causing some companies to tap down their growth initiatives. As dealers and integrators struggle to find a qualified workforce in traditional channels, I think progressive companies are looking outside these channels to attract new employees and are reevaluating their organization’s culture, purpose and training to be more aligned to attract next-gen workforce.

Industry disruptors are beginning to evolve their offerings to be more mainstream which is changing consumer buying behaviors for security and safety products and services for homes and apartment communities. This trend is having traditional dealers and integrators reassess the residential channel and consider pivoting to the commercial marketplace.

Lastly, the 3g sunset is looming on the horizon and is a major concern for industry professionals. The cost to upgrade communications protocols and rolling a truck are expensive. It also negatively affects customer retention as consumers seek alternative solutions for their security needs, causing attrition rates to spike.

SSN: What do you think is the overall state of the industry and the forecast moving forward?

De Marco: I believe the industry has some interesting challenges ahead, especially as the competitive landscape unfolds. Disruptive companies, like Amazon and SimpliSafe, as well as the 3g sunset, margin compression, creation multiples, and the cost of customer retention programs play a major factor into lenders and buyers’ valuation methodology, which are all beginning to contribute to downward pressure for acquiring RMR contracts. In recent years, there seems to be a pivot towards commercial security and fire systems by traditional dealers and alarm companies.

Each year, the ESX Innovation Awards program recognizes outstanding products and services that drive the electronic security and life safety industry forward. This year’s winners will receive their awards on the expo floor at ESX on June 4 and be featured in the Innovation Awards Showcase during expo hours, June 4-5 at the Indianapolis Convention Center.

To determine the best from each category, judges select winners from a pool of applications from manufacturers and service providers, serving the industry with innovative end-user offerings and tools that help dealers, integrators and monitoring professionals become more efficient and profitable.

“The nominees for ESX Innovation Awards were extremely impressive this year and nicely represent the electronic security and life safety industry,” George De Marco, ESX Chairman said in the announcement. “Solving everyday problems is the key to growth opportunities for dealers, integrators and monitoring companies to better compete in the marketplace.”

Entrants to the Innovation Awards program are judged on: Features and functions, innovation, end-user experience, ability to solve a problem, revenue growth potential, impact on company efficiencies and compliance with regulations. These metrics provide a rubric that determines the most innovative and exceptional products and services in the industry.

Winners of the Innovation Awards will be featured in the ESX Innovation Awards Showcase in Booth 615 during live expo hours, June 4-5.

To determine the best in show, the ten most innovative category-winners will enter the TechVision Challenge – a “Shark Tank” style competition before a panel of judges at ESX. The winner of the TechVision Challenge will be announced live from the expo floor at ESX Central on June 4.

Registration is still open for ESX. For more information and to register, visit ESXweb.com.

For the past few weeks, I have been rather intrigued with IoT devices, smart homes, and security and safety of people in this context. (After all, aren’t our homes supposed to be our safe haven … our place of escape from the crazy, hurried world we live in?) After perusing the internet regarding this topic, I thought I had read about almost everything imaginable, but I was thrown a curve ball by a man, Geoffrey A. Fowler, technology columnist, The Washington Post, who literally made a song out of the recordings Alexa had of him! (Click here to listen.)

Fowler reported that he listened to four years of his Alexa archive that highlighted fragments of his life: spaghetti-timer requests, houseguests joking and random snippets of a once-popular TV show. Alexa even captured and recorded sensitive conversations—a family discussion about medication and a friend conducting a business deal—apparently triggered by Alexa’s “wake word” to start recording. So, why are tech companies recording and saving our voice data? According to Amazon, “when using an Alexa-enabled device, the voice recordings associated with your account are used to improve the accuracy of the results.”

Fact or fiction? Maybe both, because another main reason is to train their artificial intelligence (AI).

I may be going out on a limb here, but if people’s voice data is being recorded and USED without their knowledge, isn’t this an invasion of privacy? I say, “Yes, without a doubt!” Not only that, but shouldn’t these tech companies hire and pay people for their voice data to train their AI? I mean, “free” saves the companies money, but to the extent of people’s private conversations and information being recorded and used without permission?

So, what can be done? Defeating the purpose of Alexa would be to mute its microphone or unplug it, but, in my opinion, if I was going to have a private conversation, that would be better than putting my personal business out there. Another option would be to delete Alexa voice recordings, but Amazon warns:

“If you delete voice recordings, it could degrade your experience when using the device.”

“Deleting voice recordings does not delete your Alexa Messages.”

“You may be able to review and play back voice recordings as the deletion request is being processed.”

(I wonder what a “degraded Alexa experience” entails and I also wonder how long it takes to process a deletion request, as during this time voice data can be used.)

For me personally, I will stick with the “old-fashioned” way of living to preserve and protect my privacy—physically stand up, walk over to the window and close/open the blinds by hand; set alarms manually on my smartphone or built-in timer on my microwave; and even use the remote to turn the TV off and on, change channels and control the volume.

By the way, don’t forget to listen to your own Alexa archive here or in the Alexa app: Settings > Alexa Account > Alexa Privacy. What all does Alexa have on you?

As the Jaws warning theme song plays in my head, along with the ‘Baby Shark’ song that became an internet sensation, patterns of “do-do-da-do” fill my head as I anticipate the first-ever Affiliated Monitoring Shark Tank at Catalyst 2019. I’m excited to be heading out to sunny Orlando’s Four Seasons at Walt Disney World Resort® to get a first-hand look at the PERs/mPERs niche of the security industry. This is Affiliated’s 4th Catalyst Conference and I feel congratulations are in order, so on behalf of the SSN team, “Congratulations Affiliated Monitoring!”

As of February 28, 2019, at noon, via email, I got word that teams from over 70 companies were registered to attend this event. This is a marvelous turn out all on its own, but the final attendee count is yet to be determined since the event doesn’t even start until today! Soon, golfers will be yelling “four” as they swing their carefully chosen clubs at Tranquilo Golf Course on the Four Seasons Resort to determine who reigns supreme on the course in best ball with additional challenges for longest drive and closest to the pin. Afterwards tips for free and almost free tools, tricks and marketing strategies to grow a PERs business will be presented with a welcome cocktail reception closely following at the Four Seasons’ Pool Bar & Grill all on Wednesday, May 8th.

Then, bright and early on Thursday, May 9th, the live action will start on my Twitter feed @SSN_Ginger, and continue on until the end of the conference, sharing the highlights of each day. Thursday will be a PERs-related montage of Daniel Oppenheim of Affiliated Monitoring delivering the day’s keynote: a view of the demographic changes driving the growth in the PERs industry along with PERs-specific trends; presentations; sessions; and networking intermingled with coffee and food.

Of course, on Friday, May 10th, there will be coffee and food, but more important, taking the stage is Executive Keynote Speaker and President, Healthcare Division at Connect America, Richard Brooks, an industry icon with story after story of priceless knowledge about leading and growing multiple PERs and telehealth businesses. Attendees will gain insights to take their PERs business to next level by learning the top things no one ever tells about when scaling a PERs company. Attendees are then invited to “swim” on over to the Shark Tank where innovators will come face-to-face with the Sharks, industry veterans who will listen to contestants’ pitches and decide if they are interested!

Bring a notepad and writing utensil to take notes of the amazing knowledge your will learn.

Before Friday, May 10th review the Brainstorming Roundtable topics and create questions to ask during each. Write them down in your notebook and leave space below each one for the answer to keep your notes organized.

If you’re escaping to Epcot for the scavenger hunt, casual or athletic clothes are recommended. Sneakers are REQUIRED by Disney; NO open toed shoes allowed.

The National Fire Protection Association (NFPA) will host its annual Conference & Expo at the Henry B. González Convention Center in San Antonio, June 17-20. This comprehensive event brings together thousands of the industry’s leading professionals who will attend more than 120 educational sessions and special events addressing the latest issues, challenges and trends in the world of fire, electrical, and life safety.

This year’s expo, featuring more than 325 exhibitors, brings to life the products and services needed to meet and maintain compliance with prevailing codes and standards in the design, construction and operation of buildings and facilities of every kind. The expo floor will also feature an emerging technologies and electrical pavilion, offering product displays with hands- on learning and an immersive virtual reality experience for contractors and electricians, inspectors and building officials, among others.

Notable presentations include:

Active Shooter/Hostile Event Response and NFPA 3000TM(PS) Program: Lessons Learned and a New StandardJune 18, 8 a.m. - 12 p.m.With an increase in gun-related incidents around the nation, a panel of experts will explain recent events that led to the creation of the NFPA 3000TM(PS), Standard for an Active Shooter/Hostile Event Response (ASHER) Program. The session will include lessons learned from the specific events in which active shooters were involved, followed by a discussion that includes an overview of the content of the standard and the roles and responsibilities of those working to prevent future incidents.

Is it time to P.A.N.I.C.? Shifting Community Risk Reduction from Concept to RealityJune 17, 8 - 9 a.m.Find out what the P.A.N.I.C. is all about! Community risk reduction (CRR) is a process that identifies and prioritizes local risks to ensure integrated and strategic resource investment to reduce the occurrence and impact of dangerous risks. While CRR is discussed in many fire departments, a full implementation is often hindered by challenges. During this interactive discussion, presenters will break down five strategic actions—modeled in the acronym P.A.N.I.C.—to drive successful CRR implementation and overcome common barriers. Attendees will find out why successful CRR programs include input from officers, operations, and the overall community, learn real-world examples of the process in action, and have the chance to generate additional solutions.

Making Hot Work Safety an Everyday PracticeJune 17, 8 a.m. - 12 p.m.In its 2016 fire incident report, “Structure Fires Started by Hot Work,” NFPA presents data showing a U.S. annual average of over 4,000 fires caused by hot work—and that doesn’t account for those in industrial occupancies, including oil and gas sector worksites. US Chemical Safety Board, OSHA, and industry-specific reports confirm that hot work incidents are becoming increasingly common. Participants will receive practical guidance regarding flammable liquids or gases, including the essentials for monitoring concentration buildup of vapors that cannot be seen or detected without special monitoring devices.

When Uber Meets Octane: Fire Code Requirements for On-Demand FuelingJune 18, 5 - 6 p.m.NFPA 30A and the 2018 International Fire Code have new provisions for on-demand fueling where gasoline or diesel fuel can be delivered directly to a consumer's vehicle using a smartphone. This presents a variety of regulatory and emergency response issues to the fire service. This presentation reviews key technical requirements in NFPA 30A, 2018 IFC, US DOT regulations and the potential risks to emergency responders.

A New Standard for Energy Storage Systems: NFPA 855June 12, 9:15-10:15 a.m.As the energy storage industry continues to grow, NFPA is engaged in a number of initiatives aimed at promoting the safe and sustainable expansion of this renewable technology. One of NFPA's most substantial contributions is the creation of NFPA 855, Standard for the Installation of Stationary Energy Storage Systems. Get the most up-to-date and in-depth information on the contents of the new NFPA 855, which should be published or may have notices of intent to make a motion (NITMAMs) at the 2019 NFPA Technical Meeting.

Founded in 1896, NFPA is a global self-funded nonprofit organization devoted to eliminating death, injury, property and economic loss due to fire, electrical and related hazards. The association delivers information and knowledge through more than 300 consensus codes and standards, research, training, education, outreach and advocacy; and by partnering with others who share an interest in furthering the NFPA mission. For more information, visit www.nfpa.org. All NFPA codes and standards can be viewed online for free at www.nfpa.org/freeaccess

The last blog I wrote, “What your connected smart home IoT devices are really doing,” highlighted the fact that there are no security standards for IoT manufacturers to follow when creating networked devices. This should cause concern or at least pause for people using such devices, especially in their homes. But, just how aware are consumers about potential risks and do people actually trust the devices they use every day?

ASecureLife conducted a survey of 300 Americans nationwide to determine how much participants trust the technology they use regularly in their homes as well as people’s biggest concerns related to smart home technology, home security and online privacy. The survey found:

1. A quarter of Americans are NOT concerned with being monitored online by criminals. This nonchalant attitude resulted in 23 percent of American households having someone victimized by cybercriminals in 2018, according to GALLUP.

Additionally, in 2017, the FBI’s Internet Crime Complaint Center received more than 300,000 complaints, totaling more than $1.4 billion in monetary losses for victims.

2. Americans are more concerned about being monitored online by the government than by businesses.

3. Two-thirds of Americans believe their smart devices are recording them. While it’s time consuming, and to be honest, boring, thoroughly read a company’s terms and conditions so you know what personal information that company is collecting from you, and how they’re using it.

Tip: Adjust the settings on your smart equipment to maximize your privacy. For example, turn off Amazon Echo’s “Drop In” setting to prevent the it from automatically syncing and conversing with other Echo devices.

4. About one in five parents would let Alexa entertain their kids while they’re away. WOW! Parents are actually trusting their children’s safety and security to the virtual world!? (We’ll be discussing this later on in this blog post! Read on!)

5. Seventy-five (75) percent of Americans believe smart homes can be easily hacked, but 33 percent have and use some type of smart home technology. This indicates that consumers are indeed buying these gadgets. In fact, a joint-consumer survey conducted by Coldwell Banker Real Estate and CNET found 47 percent of Millennials, aged 18 to 34 years, have and use smart home products.

6. Women are typically more concerned with home security than financial security, and the opposite is true for men. Participants were asked if they fear a home invasion more than identity theft: 53 percent of women participants said “yes,” compared to 44 percent of men.

Participants were also asked which of the following they would rather do: stop locking your doors or change all your passwords to “1234.” Men’s responses were split evenly, while 59 percent of women preferred to change their passwords to this all-to-common numerical sequence.

7. Americans aged 55 and older are more protective of their financial security than their home security; the opposite is true for younger people. Participants over age 54 were asked if they feared home invasion more than identity theft to which 70 percent answered “no.” However, participants under age 34 were more likely to fear home invasion.

While all the findings were eye-opening, for me personally, the one that haunted me pretty deeply was the one about Alexa “babysitting” kids. It’s one thing for parents to allow their children to use Alexa under their supervision, but to allow minors to access Alexa while they are away can be extremely dangerous, in my opinion and based on the news we see every day concerning criminals hacking into security systems, devices recording home-based conversations, apps giving away data to advertisers, and the list goes on and on.

Question for you parents out there: Would you allow your children to access Alexa when you aren’t at home? Why or why not?

Mission 500, a 501c3 charitable organization born from the professional security industry to serve children and families in need across the U.S., raised over $145,000 at its 10th annual Security 5K/2K Run/Walk at this year’s ISC West show, April 9-12 in Las Vegas.

Mission 500 Founder George Fletcher told Security Systems News during a video interview at ISC West that the organization was able to surpass this year’s goal thanks to “sponsor support, signed up runners and individual fundraisers — our three primary sources of revenue — and our volunteers.”

Fletcher pointed out that Mission 500 relies heavily on volunteers, and had around 20 who showed up at five in the morning to help set up the race. “They come out every year and are passionate about what they are doing to help children and families,” he said.

Tom Nolan, director, strategic partnerships for Mission 500, added, “We had amazing volunteers — I think that was the best part of it for me.”

Some of the proceeds from this year’s 5K/2K event have already been put to great use during ISC West 2019 with volunteer and monetary donations made to Habitat for Humanity in Las Vegas to help provide a family in need with a new home, and a Mission 500 Care Pack drive during the event sponsored by HID Global, Freeman and the ISC West Security Events team.

“We are extremely thrilled at how the security industry continues to band together to and raise money for children and families in need,” Mission 500 Chairman of the Board Tim Purpura said. “The 10th anniversary of the Mission 5K/2K event was our most successful single event to date, and we are extremely grateful to all of the participants, volunteers and sponsors that made this wonderful event possible.”

The Mission 500 Club, which recognizes volunteers who raise $500 or more, had 12 members at this year’s 5K/2K that raised a combined $21,000. Ronnie Pennington of Altronix was the top fundraiser with $4,425 in pledged donations, followed by Nick Arthur of Brinks Home Security™ with $1,130, which was matched by his employer for a total of $2,825. The top fundraising team was Brink’s Home Security, which raised a total of $15,331.

This year’s fastest female was Karen Salerno of ISC Events with a time of 21:07. The fastest male and overall winner was Mitchell Vanderhagen of Everbridge, who completed the 5K course in 18:23. Complete race times can be found at https://elementalracetiming.com/the-security-5k-2019/.

At the Mission 500 5K/2K awards ceremony, this year’s Corporate Social Responsibility (CSR) Award was presented to Brinks Home Security for their outstanding philanthropic work through the year. Dave Foglio, Founder of First Response Security, received the Mission 500 Humanitarian Award for his outstanding charitable work.

Hikvision’s General Manager Eric Chen, and the Hikvision team, also increased their corporate social responsibility efforts at ISC West 2019 by donating an additional $860 to Mission 500 on behalf of all industry partners in attendance at their partner celebration at Tao.

As more and more people connect IoT devices to their homes, making them smarter, living machines, the more fodder hackers have to breach systems and gain access to consumers’ personal identifiable information, or even gain entrance into their humble abodes. The fact is, no security standards exist for IoT manufactures to follow when creating networked devices.

Lawmakers and states are stepping up, looking at ways to help protect consumers.

Industry talk of late about protecting owners of IoT devices have circled around the Cybersecurity Improvement Act of 2019 which would require the National Institute of Standards and Technology to develop new recommendations for device makers to follow. Even some states have created specific rules for IoT device creators to follow, such as California, that will require devices to be shipped with unique passwords or force users to set or reset passwords when setting up a device as of January 1, 2020.

But, are laws really the answer to this seemingly never-ending debacle? Shouldn’t the security industry come together as a whole to offer protection to consumers, their data and their homes? After all, we are in the business of protecting people while offering comfort and ease of living. I think a more proactive approach is in order, where device manufacturers step up to protect consumer data as well as empowering consumers to protect themselves.

A group of computer scientists from Princeton University and the University of California, Berkeley created a tool called Princeton IoT Inspector, an open-source desktop application that passively monitors smart home networks, showing potential security and/or privacy issues. It identifies all IoT devices on a smart home network, shows when these devices communicate/exchange data with an external server, and determines which servers these devices contacted and if those communications are secure. According to the IoT Inspector website, the goal is to answer three questions:

Who do your devices talk to?

What information is gathered?

Are the devices hacked?

Sounds great, right? Well, there are two cautions to be noted when using this tool. First, device names are included in the data sent, so that data will be accessible by Princeton. The app asks users to consent to this the first time the app is used. (Tip: Make sure your devices don’t include your name or any other personal identifiable information. If they do, rename them.)

Second, the research team is using a specific technique the “bad guys” typically use called ARP spoofing, a type of attack where a malicious actor sends false Address Resolution Protocol (ARP) messages over a local area network. Personally, I think it’s creative and smart to use the same techniques to beat the bad guys at their own games, turning malicious acts into something good. Just be sure you trust Princeton should you decide to use this tool.

Currently, Princeton IoT Inspector is only available on macOS, but there is a waitlist for Windows, which will be released next month, and Linux to be released the week of April 24th, 2019.

I know I am aging myself here, but after reading about the JetBlue passenger who was none-too-happy to find out that her face would be used as ID for boarding, I thought back to the TV show of my youth called Candid Camera. Now if you are younger than 50 (yes, I am less than a month away from a half century old), you probably won’t remember this show that featured a hidden camera with lovable host Allen Funt (and later with son Peter), who at the end of each skit would tell the person they are on a hidden camera show. Laughter would ensue and everyone would agree that it was all good fun.

The difference between then and now, though, is this whole concept of consent to being on video, not to mention current comfort levels within society today of having your identity out there in a database. I mean, let’s be honest, the idea of DHS/Customs and Border Patrol (CBP) collecting and protecting millions of biometric profiles is a bit frightening, but that is exactly what the agency plans to do in the next four years, with the ultimate goal of making access as frictionless, and hopefully, as safe as possible.

In fact, according to its fiscal report for 2018, DHS/CBP built a facial biometric matching service using biographic Advance Passenger Information System (APIS) manifest data and existing photographs of travelers boarding international flights. The biometric matching service is a robust cloud-based service that leverages existing advance passenger information to create a pre-positioned “gallery” of face images from U.S. Government holdings. The galleries are smaller, more manageable data sets that can be segregated based on APIS data for specific flights. The photographs can come from passport applications, visa applications, or interactions with CBP at a prior border encounter where CBP typically takes a photograph. The biometric matching service then compares a live photo of the traveler to the gallery of face images for that flight to identify the traveler and enable CBP to confirm the traveler’s crossing.

On exit, the matching service identifies the traveler, creates an exit record, and enables CBP to biometrically confirm the departure of in-scope, non-U.S. citizens. CBP is working towards full implementation of biometric exit in the air environment within the next four years to account for over 97 percent of departing commercial air travelers from the United States. In order to realize full implementation, CBP partnered with airports and airlines to deploy solutions to use biometric exit data-utilizing cameras (supplied by airports or airlines) that are integrated with the biometric solution.

As a result of the demonstrations and partnerships described above, CBP determined that facial recognition technology at the airline departure gate is a scalable solution for biometric exit in the air environment. At the end of FY 2018, biometric exit solutions were operational at 15 locations, and CBP has received many commitment letters from airport authorities and/or air carriers supporting biometric exit operations. Since its inception, over two million passengers on over 15,000 flights have used the technology on exit, with an average biometric match rate of 98 percent. As of December 2018, over 7,000 Out-Of-Country Overstays have been biometrically confirmed. Furthermore, similar successes have occurred when using the biometric technology in the air entry environment; CBP has to date used this data to identify six travelers attempting entry presenting travel documents not belonging to them, or presenting altered travel documents.

In FY 2018, CBP expanded the use of the Biometric Exit Mobile (BE-Mobile) program at land borders nationwide. CBP deployed mobile technology to the land border POEs, which allowed CBP officers working outbound pulse and surge operations to process exiting travelers using the BE-Mobile application. The BE-Mobile application creates a biometrically confirmed exit record for a departing traveler. This capability is another means by which CBP can close out entry/exit records biometrically, thus, helping to resolve some potential overstay records. From December 2017 through November 2018, CBP officers created a biometric exit record on over 23,000 travelers at the land border.

The agency is also working on both the southern and northern border using biometric technology, with plans to expand the application to identify people in cars.

What is your thought on the safety and security of protecting airports and borders with biometric solutions?